Hipster Cybercrime: Malware Goes Retro for 2013

Below:

Next story in Tech and gadgets

Cybercrime became suddenly old fashioned in the first three
months of 2013, with spam emails and classic malware making huge
comebacks.

The amount of spam
email messages doubled in the first quarter, with more than
1.9 trillion bogus messages sent in March alone.

That's twice the number recorded in December 2012, which saw the
end of a downward spam trend that had lasted for more than a
year, said anti-virus software maker McAfee in its newly released
Threats Report: First Quarter 2013.

Another oldie but goodie, the venerable but versatile
Koobface worm, which attacks social networks on Macs and PCs
alike, also experienced healthy growth in the first quarter, much
to the dismay of security researchers.

"With Koobface, which plagues Facebook users, we found almost
three times as many samples this quarter compared with last
quarter. That’s another record high point and double the size of
the prior mark, set in the fourth quarter of 2009," the McAfee
report said.

Cybercriminals found still another way to go retro from January
through March, targeting financial institutions with a new
variant of the infamous Citadel
banking Trojan, using it to steal data rather than dollars in
highly targeted attacks.

"All malware that we track — affecting clients, servers,
networks, mobiles — now stands at more than 128 million samples,"
the McAfee report said, citing rapid growth, particularly in the
ransomware and Master Boot Record malware sectors.

"With ransomware,
cybercriminals hold a system hostage and insist on payment to
unlock a computer. But will they free the machine after the
victim pays?" the report asked. "There are no guarantees, and
anonymous payment systems make it basically impossible to track
their movements."

Master Boot Record malware, which first appeared in the late
1990s, infects the part of a hard disk that tells a computer
which operating system to load upon startup.

"MBR threats can remain on a system for a long time without the
victim’s knowledge, and download other forms of malware," the
McAfee report noted.

Also making a comeback were AutoRun worms, which exploit Windows
machines that are
set to automatically run software upon the insertion of
removable volumes, such as CD-ROMs or USB sticks.

"AutoRun malware, which often hides on USB drives and can allow
an attacker to take control of a system, has risen rapidly for
two quarters and reached a new high, with almost 1.7 million new
threats," the report noted.

In more modern trends, January through March saw continued steady
growth in mobile malware, with 30 percent of all active mobile
malware appearing for the first time in those 90 days.

That actually represents a slight decrease in the rate of growth
from last year, but still puts mobile malware on track to have
another record-breaking year.

In 2011, McAfee collected only 792 samples of
mobile malware. Since then, the company's library, or "zoo,"
of mobile malware has grown to hold almost 51,000 samples, almost
all of which run on Android.

Despite the popular image of Chinese cyberspies and Russian
online criminals, American IP addresses represent both the
largest source and the most frequent targets of network attacks,
the report found.

The most common attacks are browser based, initiating
drive-by downloads using malicious iframe links buried in Web
pages, as well as Java code exploits.

The United States also saw a 12 percent uptick in the number of
suspicious Web links, which are usually used by phishers to trick
victims into giving up personal information or granting access to
a secure network.

The report said the sheer number of cybercriminals on the
Internet is rising as skilled malware coders make and sell
"hack-by-numbers," off-the-shelf malware kits that make the
barriers to cybercrime success much easier to overcome.

"Cybercriminals continue to develop and market crimeware tools,
which make it easy for inexperienced scammers to join the ranks
and exploit victims," the report said.

If the McAfee Threat Report makes one thing clear, it's that
those who rely on networked devices need to remain as vigilant as
ever against Internet threats.

By regularly updating your computer and smartphone and running a
good anti-virus program you can minimize
your exposure to most of the malware floating around.

Remain wary when opening emails and clicking on links, and do
your best to verify their sources. Criminals are adept at
spoofing messages to appear as if they are corporate
communications or even personal messages from friends' email
addresses.